function setCors(req, res, next) {
  res.setHeader('Access-Control-Allow-Headers', 'Content-Type,token')
  res.setHeader('Access-Control-Allow-Origin', '*')
  res.setHeader('Access-Control-Allow-Methods', '*')
  // res.setHeader('Access-Control-Allow-Origin','http://www.baidu.com')
  // res.setHeader('Access-Control-Allow-Methods','POST,GET,HEAD,DELETE')
  next()
}
